<?php
if (!defined( "IN_UCHOME" ) ) exit( "Access Denied" );
require('class.action.php');
class ajax extends action
{
	var $charset = '';
	var $uid = 0;
	var $username = '';

	function ajax($op, $charset, $uid, $username)
	{
		$this->uid = $uid;
		$this->username = $username;
		$this->charset = $charset;
		$op = 'op_' . $op;
		if(method_exists($this, $op)){
			$this->$op();
		}else{
			$this->error();
		}
	}

	function op_send_mail()
	{
		global $_SCONFIG, $_SN;
		if(!$_POST['myFormAc']) exit();
		if(empty($_POST['emails']) || empty($_POST['user_name'])){
			$data = array('status'=>404, 'message'=>'出错了！必须填写email地址和你的姓名！');
			$this->ajax_out($this->jsonencode($data));
		}
		$id = intval($_POST['id']);
		require('class.show.php');
		$show = new show;
		$data = $show->get_data($id, false);
		if(empty($data) || $data['uid'] != $this->uid){
			$data = array('status'=>404, 'message'=>'出错了！这不是你该来的地方');
			$this->ajax_out($this->jsonencode($data));
		}
		realname_get();
		$emails = array_unique(explode(',', str_replace("\n", ',', $_POST['emails'])));
		$invitenum = 0;
		$mail_message = sreadfile('action/view/mail_message.htm');
		$path =  'http://' . $_SERVER['HTTP_HOST'] . substr($_SERVER['SCRIPT_NAME'], 0, -10);
		$logo = $data['picture'] ? $data['picture'] : 'action/img/event.png';
		$logo = $path . $logo;
		$replace = array('{logo}','{site}','{user}','{subject}','{link}');
		$site = $_SCONFIG['sitename'];
		$user = $_SN[$data['uid']];
		$subject = $data['subject'];
		$param = array($logo, $site, $user, $subject);
		foreach($emails as $key => $value) {
			if(!$value || !preg_match('/^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*$/', $value)) continue;
			$invite_data = $this->query_one("select count(*) as num from ".tname('app_action_invite_site')." where id = '{$id}' and email = '".addslashes($value)."' ");
			if($invite_data['num'] > 0) continue;
			$code = $this->random(9);
			$hash = substr(md5($id . $value . $code), 0, 10);
			$param[] = $path . "action.php?ac=invite&do=show&id={$id}&email=" . urlencode($value) . "&hash=" . $hash;
			$setarr = array(
				'id' => $id,
				'code' => $code,
				'email' => addslashes($value),
				'status'=>0
			);
			inserttable('app_action_invite_site', $setarr, 1, true);
			include_once(S_ROOT.'./source/function_cp.php');
			$subject = "你的好友 {$_POST['user_name']} 发起了一个活动，邀请你参加";
			$message = str_replace($replace,  $param, $mail_message);
			addmailcron(0, $value, $subject, $message);
			array_pop($param);
		}
		$data = array('status'=>200, 'message'=>'<p>邮件已经加入发送队列，一会系统将会发送邮件！</p><p>系统将在3秒钟后转向活动页面</p><script type="text/javascript">setTimeout(function(){window.location.href="action.php?ac=show&id='.$id.'";}, 3000);</script>');
		$this->ajax_out($this->jsonencode($data));
	}

	function op_dump()
	{
		$id = intval($_GET['id']);
		$type = $_GET['type'];
		$myFormAc = $_POST['myFormAc'];
		if($myFormAc != 'update' || !$id || !$type || !in_array($type, array('email','msn','card','send'))){
			$data = array('status'=>404, 'message'=>'出错了！提交了错误的参数');
			$this->ajax_out($this->jsonencode($data));
		}
		require('class.show.php');
		$show = new show;
		$data = $show->get_data($id, false);
		if(empty($data)){
			$data = array('status'=>404, 'message'=>'出错了！该活动不存在');
			$this->ajax_out($this->jsonencode($data));
		}
		if($data['uid'] != $this->uid){
			$data = array('status'=>404, 'message'=>'出错了！只有该活动的发起者才能使用站外邀请');
			$this->ajax_out($this->jsonencode($data));
		}
		$op = '_op_invite_' . $type;
		$this->$op($data);
	}

	function _op_invite_card($event)
	{
		header('Content-type: text/html; charset=' . $_SC['charset']);
		print_r($_FILES);
		if(empty($_FILES['cardfile']) || $_FILES['cardfile']['error'] > 0) {
			$ret = 'error';
		} else {
			if(is_uploaded_file($_FILES['cardfile']['tmp_name']) && move_uploaded_file($_FILES['cardfile']['tmp_name'], 'data/tpl_cache/' . $_FILES['cardfile']['name'])){
				$content = sreadfile('data/tpl_cache/' . $_FILES['cardfile']['name']);
			}else{
				echo "<script language=javascript>parent.accountAjaxShow('".addslashes('errorii')."');</script>";
				exit();
			}
			preg_match_all("/[a-z0-9_\.\-]+@[a-z0-9\-]+\.[a-z]{2,6}/i", $content, $matches);
			if(($emails = array_unique($matches[0])) !=false) {
				$ret = $this->diff_contacts(array_flip($emails));
			} else {
				$ret = "empty";
			}
			unset($matches);
		}
		echo "<script language=javascript>parent.accountAjaxShow('".addslashes($ret)."');</script>";
		exit();
	}

	function _op_invite_msn($event)
	{
		$account = trim($this->ajax_get('account'));
		$passwd = trim($this->ajax_get('passwd'));
		if(empty($account) || empty($passwd)){
			$data = array('status'=>404, 'message'=>'出错了！你填写的数据不完整');
			$this->ajax_out($this->jsonencode($data));
		}
		require_once (S_ROOT.'./source/invite/mailfactory.php');
		$contact = new MailFactory(MMSN);
		$contacts = $contact->getContactList($account, $passwd);
		if($contacts == 0) $this->ajax_out('error');
		if(empty($contacts)) $this->ajax_out('empty');
		$msg = $this->diff_contacts($contacts);
		$this->ajax_out($msg);
	}

	function _op_invite_email($event)
	{
		$account = trim($this->ajax_get('account'));
		$passwd = trim($this->ajax_get('passwd'));
		$postoffice =trim($this->ajax_get('postoffice'));
		if(empty($account) || empty($passwd) || empty($postoffice)){
			$data = array('status'=>404, 'message'=>'出错了！你填写的数据不完整');
			$this->ajax_out($this->jsonencode($data));
		}
		require_once (S_ROOT.'./action/invite/mailfactory.php');
		switch ($_POST['postoffice']) {
			case "126.com":
				$contact = new MailFactory(M126);
				break;
			case "sina.com":
				$contact = new MailFactory(MSINA);
				break;
			case "tom.com":
				$contact = new MailFactory(MTOM);
				break;
			case "gmail.com":
				$contact = new MailFactory(MGOOGLE);
				break;
			case "163.com":
				$contact = new MailFactory(M163);
				break;
			case "sohu.com":
				$_POST['account'] = $_POST['account'] . "@" . $_POST['postoffice'];
				$contact = new MailFactory(MSOHU);
				break;
			case "vip.sohu.com":
				$_POST['account'] = $_POST['account'] . "@" . $_POST['postoffice'];
				$contact = new MailFactory(MSOHU_VIP);
				break;
			case "yahoo.cn":
			case "yahoo.com":
			case "yahoo.com.cn":
				$_POST['account'] = $_POST['account'] . "@" . $_POST['postoffice'];
				$contact = new MailFactory(MYAHOO);
				break;
			default:
				$this->ajax_out('error');
		}
		$contacts = $contact->getContactList($account, $passwd);
		if($contacts == 0) $this->ajax_out('error');
		if(empty($contacts)) $this->ajax_out('empty');
		$msg = '';
		if($postoffice == "sina.com" || $postoffice == "sohu.com" || $postoffice == "vip.sohu.com" ) {
			$msg =  $this->diff_contacts($contacts);
		} else {
			$msg =  $this->diff_contacts(array_flip($contacts));
		}
		$this->ajax_out($msg);
	}

	function diff_contacts($contacts = array('email'=>'nick')){
		global $_SGLOBAL;
		$ret = array(
			'list' => array(),
			'reg' => array()
		);
		foreach ($contacts as $email => $nick){
			$ret['list'][] = array(
				'email' => $email,
				'nick' => is_numeric($nick) ? $email : $nick,
			);
			unset($contacts[$email]);
		}
		if (!function_exists('json_encode') ) {
			require_once (S_ROOT.'./source/contact/json.php');
			$json = new Services_JSON;
			return $json->encode($ret);
		} else {
			return json_encode($ret);
		}
	}

	function op_purview()
	{
		global $_SN;
		$id = intval($_GET['id']);
		require_once('class.show.php');						
		$show = new show;
		$data = $show->get_data($id, false);
		if(empty($data) || $data['uid'] != $this->uid || ($data['collect_type'] != 2 && $data['collect_type'] != 3)){
			$data = array('status'=>404, 'message'=>'你没有权限这么操作');
		}else{
			if($_POST['myFormAc'] == 'update'){
				$temp = is_array($_POST['uids']) ? $_POST['uids'] : array();
				$uids = array();
				foreach($temp as $key=>$val){
					if(intval($val) < 1) continue;
					$uids[] = intval($val);
				}
				if(empty($uids)){	 
					$data = array('status'=>404, 'message'=>'出错了！没有选择通过审核的人');
				}else{
					include_once(S_ROOT.'./source/function_cp.php');
					$note = "<font color=green>活动信息</font>：你在活动《<a href=\"action.php?ac=show&id={$data['id']}\">{$data['subject']}</a>》中提出的申请，已通过审核";
					foreach($uids as $uid){
						$this->query_exec("update ".tname("app_action_join"). " set is_pass = 1, status = 0 where id = '{$id}' and uid = '{$uid}'  and is_pass = 0 and status = 0 ");
						notification_add($uid, 'event', $note);
					}
					$this->update_num($id);
					$data = array('status'=>200, 'message'=>'审核操作成功！');
				}
				$this->ajax_out($this->jsonencode($data));
			}else{
				$users = $this->query_all("select uid, username from  ".tname("app_action_join"). " where id = '{$id}' and is_pass = 0 and status = 0");
				if(empty($users)){
					$data = array('status'=>404, 'message'=>'还没有需要审核的');
					$this->ajax_out($this->jsonencode($data));
				}
				foreach($users  as $key=>$val){
					realname_set($val['uid'], $val['username']);
				}
				realname_get();
				$op = 'purview';
				include_once( template( "action/view/ajax" ) );
				$this->get_content();
			}
		}
		$this->ajax_out($this->jsonencode($data));
	}

	function op_share()
	{
		global $_SN;
		$id = intval($_GET['id']);
		require_once('class.show.php');						
		$show = new show;
		$event = $show->get_data($id, false);
		if(empty($event)){
			$data = array('status'=>404, 'message'=>'此活动不存在了');
		}elseif($event['privite'] == 2){
			$data = array('status'=>404, 'message'=>'这是一个封闭的活动，不能被分享！');
		}else{
			realname_set($event['uid'], $event['username']);
			realname_get();
			if($_POST['myFormAc'] == 'update'){
				$arr['title_template'] = '分享了一个活动';
				$arr['body_template'] = "<b>{subject}</b><br/>组织者：{author}<br/>类型：{eventtype}<br/>地点：{area}";
				$arr['body_data'] = array(
					'subject' => "<a href=\"action.php?ac=show&id={$event['id']}\">{$event['subject']}</a>",
					'author' => "<a href='space.php?uid={$event['uid']}'>{$_SN[$event['uid']]}</a>",
					'eventtype'=> "{$event['eventtype']}",
					'area'=>"{$event['p']} {$event['c']} {$event['area']}"
				);
				$arr['image_link'] = "action.php?ac=show&id={$event['id']}";
				$arr['image'] = $event['picture'] ? $event['picture'] : 'action/img/event.png';
				$arr['body_general'] = $this->ajax_get('general');
				include_once(S_ROOT.'./source/function_cp.php');
				share_add('event', $arr['title_template'], $arr['body_template'], $arr['body_data'], $arr['body_general'], $arr['image'], $arr['image_link']);

				$fs = array();
				$fs['icon'] = 'event';
				$fs['title_template'] = "<b>{actor} 分享了一个活动</b>";
				$fs['title_data'] = array();
				$fs['body_template'] = "<b>{subject}</b><br/>组织者：{author}<br/>类型：{eventtype}<br/>地点：{area}";
				$fs['body_data'] = array(
					'subject' => "<a href=\"action.php?ac=show&id={$event['id']}\">{$event['subject']}</a>",
					'author' => "<a href='space.php?uid={$event['uid']}'>{$_SN[$event['uid']]}</a>",
					'eventtype'=> "{$event['eventtype']}",
					'area'=>"{$event['p']} {$event['c']} {$event['area']}"
				);
				$fs['body_general'] = $arr['body_general'];
				$fs['images'] = array($event['picture'] ? $event['picture'] : 'action/img/event.png');
				$fs['image_links'] = array("action.php?ac=show&id={$event['id']}");
				feed_add($fs['icon'], $fs['title_template'], $fs['title_data'], $fs['body_template'], $fs['body_data'], $fs['body_general'],$fs['images'], $fs['image_links'], $fs['target_ids'], $fs['friend'], UC_APPID, 1);
				
				if($this->uid != $event['uid']){
					$note = "<font color=green>活动信息</font>：<a href='space.php?uid={$this->uid}'>{$_SN[$this->uid]}</a> 分享了你发起的活动《<a href=\"action.php?ac=show&id={$event['id']}\">{$event['subject']}</a>》";			
					notification_add($event['uid'], 'event', $note);
				}

				$data = array('status'=>200, 'message'=>'恭喜你，分享成功！');
			}else{
				$op = 'share';
				include_once( template( "action/view/ajax" ) );
				$this->get_content();
			}
		}
		$this->ajax_out($this->jsonencode($data));
	}

	function op_show_num()
	{
		$id = intval($_GET['id']);
		$num = $this->query_one("select join_num, interest_num from ".tname("app_action"). " where id = '{$id}' ");
		if(empty($num)){
			$data = array('status'=>404, 'message'=>'提交了非法的请求数据！');
		}else{
			$data = array('status'=>200, 'message'=>"<div class=\"popupmenu_inner\">提交成功。该活动已有 {$num['join_num']} 人参加，{$num['interest_num']} 人感兴趣</div>");
		}
		$this->ajax_out($this->jsonencode($data));
	}

	function op_remember()
	{
		$id = intval($_GET['id']);
		require_once('class.show.php');						
		$show = new show;
		$data = $show->get_data($id, false);
		if($this->uid != $data['uid']) exit();
		$this->check_time($data['start_time']);
		if($_POST['myFormAc'] == 'update'){
			$person = $this->query_all("select * from ".tname('app_action_join')." where id = '{$id}' and type = 'join' and is_pass = 1");
			include_once(S_ROOT.'./source/function_cp.php');
			$data['start_time'] = sgmdate('Y-n-d H:i', $data['start_time']);
			foreach($person as $val){
				$note = "<font color=green>活动提醒</font>：活动《<a href=\"action.php?ac=show&id={$data['id']}\">{$data['subject']}</a>》将于{$data['start_time']}开始，请关注";			
				notification_add($val['uid'], 'event', $note);
			}
			$data = array('status'=>200, 'message'=>'<p>提醒通知发送成功！</p>');
			$this->ajax_out($this->jsonencode($data));
		}else{
			$op = 'remember';
			include_once( template( "action/view/ajax" ) );
			$this->get_content();
		}
	}

	function op_delete()
	{
		$id = intval($_GET['id']);
		require_once('class.show.php');						
		$show = new show;
		$data = $show->get_data($id, false);
		if(ADMIN_UID != $this->uid && $this->uid != $data['uid']) exit();
		if($_POST['myFormAc'] == 'update'){
			$show->delete($id);
			$data = array('status'=>200, 'message'=>'<p>删除成功！</p><script type="text/javascript">setTimeout(function(){window.location="action.php?ac=index";}, 2000);</script>');
			$this->ajax_out($this->jsonencode($data));
		}else{
			$op = 'delete';
			include_once( template( "action/view/ajax" ) );
			$this->get_content();
		}
	}

	function op_delete_album()
	{
		if(!$_POST['myFormAc']) exit();
		$pid = intval($_GET['pid']);
		require_once('class.show.php');						
		$show = new show;
		$album = $show->get_picture($pid);

		if(empty($album) || false === ($data = $show->get_data($album['id'], false))){
			$data = array('status'=>404, 'message'=>'<p>提交了非法的请求数据！</p>');
		}else{
			if($album['uid'] == $this->uid || $data['uid'] == $this->uid || $this->uid == ADMIN_UID){
				$show->del_picture($pid);
				$data = array('status'=>200, 'message'=>'<p>照片删除成功！</p><script type="text/javascript">setTimeout(function(){window.location="action.php?ac=album&id='.$data['id'].'";}, 2000);</script>');
			}else{
				$data = array('status'=>404, 'message'=>'<p>你没有权限删除此照片！</p>');
			}
		}
		$this->ajax_out($this->jsonencode($data));
	}

	function op_join()
	{
		global $_SGLOBAL;
		$param = array();
		$param['type'] = $_POST['jointype'];
		$param['id'] = intval($_POST['id']);
		$param['is_pass'] = 1;
		$param['uid'] = $this->uid;
		$param['username'] = $this->username;
		$param['status'] = 0;
		if(!in_array($param['type'], array('join','interest','quite', 'no_interest')) || $param['id'] < 1 || false === ($event = $this->check_event($param['id']))) $this->error();
		$status = $this->get_user_event_status($param['id'], $param['uid']);
		$do = 'do_' . $param['type'];
		$this->$do($event, $param, $status);
	}

	function do_join(&$event, &$param, &$status)
	{
		global $_SGLOBAL;
		$this->check_time($event['start_time']);
		if($event['collect_type'] == 1 || $event['collect_type'] == 3){
			if(!is_array($_SGLOBAL['member']['friends']) || !in_array($event['uid'], $_SGLOBAL['member']['friends'])){
				if($event['uid'] != $_SGLOBAL['member']['uid']){
					$data = array('status'=>404, 'message'=>'你不是该发起人的好友，不能加入！');
					$this->ajax_out($this->jsonencode($data));
				}
			}
		}
		if($event['person_num'] > 0 && $event['join_num'] >= $event['person_num']){
			$data = array('status'=>404, 'message'=>"该活动只允许{$event['person_num']}个人参加，参加人数已经满了，你不能加入！");
			$this->ajax_out($this->jsonencode($data));
		}
		if($event['collect_type'] == 2 || $event['collect_type'] == 3){
			$param['is_pass'] = 0;
		}
		if(empty($status) || $status['type'] == 'interest'){
			inserttable('app_action_join', $param, 0, true);
			$this->update_num($param['id']);
			$message = $param['is_pass'] ? "成功加入此活动！<script type='text/javascript'>action.show_num({$param['id']});</script>" : "操作成功，等待发起人的审核中！<script type='text/javascript'>action.show_num({$param['id']});</script>"; 
			if(!$param['is_pass']){
				include_once(S_ROOT.'./source/function_cp.php');
				$note = "<font color=green>活动信息</font>：活动《<a href=\"action.php?ac=show&id={$event['id']}\">{$event['subject']}</a>》有人申请，需要审核";			
				notification_add($event['uid'], 'event', $note);
			
				if($event['privite'] != 2){
					include_once(S_ROOT.'./action/class.news.php');
					$feed = array(
						'subject'=>"<a href='action.php?ac=show&id={$event['id']}'>{$event['subject']}</a>",
					);
					feeds::add($feed, 0);
				}
			}else{
				if($event['privite'] != 2){
					include_once(S_ROOT.'./action/class.news.php');
					$feed = array(
						'subject'=>"<a href='action.php?ac=show&id={$event['id']}'>{$event['subject']}</a>",
					);
					feeds::add($feed, 1);
				}
			}
			$data = array('status'=>200, 'message'=>$message);
			$this->ajax_out($this->jsonencode($data));
		}else{
			if($status['status'] == 1){
				$data = array('status'=>404, 'message'=>'你曾加过此活动，但又退出了。因此被拒绝加入！');
				$this->ajax_out($this->jsonencode($data));
			}else{
				if($status['is_pass'] == 0){
					$data = array('status'=>404, 'message'=>'你已经申请过加入此活动，正在等待发起人的确认！');
					$this->ajax_out($this->jsonencode($data));
				}else{
					$data = array('status'=>404, 'message'=>'你已经加入过活动！');
					$this->ajax_out($this->jsonencode($data));
				}
			}
		}
	}

	function do_interest(&$event, &$param, &$status)
	{
		$this->check_time($event['start_time']);
		if(!empty($status)){
			$data = array('status'=>404, 'message'=>'你提交了非法的数据请求！');
			$this->ajax_out($this->jsonencode($data));
		}
		inserttable('app_action_join', $param);
		$this->update_num($param['id']);
		if($event['privite'] != 2){
			include_once(S_ROOT.'./action/class.news.php');
			$feed = array(
				'subject'=>"<a href='action.php?ac=show&id={$event['id']}'>{$event['subject']}</a>",
			);
			feeds::add($feed, 2);
		}
		$data = array('status'=>200, 'message'=>"你的请求已经成功！<script type='text/javascript'>action.show_num({$param['id']});</script>");
		$this->ajax_out($this->jsonencode($data));
	}

	function do_no_interest(&$event, &$param, &$status)
	{
		$this->check_time($event['start_time']);
		if(empty($status)){
			$data = array('status'=>404, 'message'=>'你提交了非法的数据请求！');
			$this->ajax_out($this->jsonencode($data));
		}
		$this->query_exec("delete from ".tname("app_action_join"). " where id = '{$param['id']}' and uid = '{$param['uid']}' ");
		$this->update_num($param['id']);
		$data = array('status'=>200, 'message'=>"你的请求已经成功！<script type='text/javascript'>action.show_num({$param['id']});</script>");
		$this->ajax_out($this->jsonencode($data));
	}

	function do_quite(&$event, &$param, &$status)
	{
		$this->check_time($event['start_time']);
		if(empty($status) || $status['type'] != 'join'){
			$data = array('status'=>404, 'message'=>'你提交了非法的数据请求！');
			$this->ajax_out($this->jsonencode($data));
		}
		updatetable('app_action_join', array('status'=>1, 'is_pass'=>0), array('id'=>$param['id'], 'uid'=>$param['uid']));
		$this->update_num($param['id']);
		$data = array('status'=>200, 'message'=>"恭喜你，已经退出此活动！<script type='text/javascript'>action.show_num({$param['id']});</script>");
		$this->ajax_out($this->jsonencode($data));
	}

	function op_reply_add()
	{
		global $_SGLOBAL, $_SN;
		$param['id'] = intval($_GET['id']);
		$param['message'] = $this->ajax_get('message');
		require_once('class.show.php');
		$show = new show;
		$event = $show->get_data($param['id'], false);
		if(empty($event)){
			$data = array('status'=>404, 'message'=>'当前活动不存在！');
			$this->ajax_out($this->jsonencode($data));
		}
		if(empty($_POST['myFormAc']) || empty($param['id']) || empty($param['message']) || false === ($userid = $this->_check_event($param['id']))) {
			$data = array('status'=>404, 'message'=>'提交的数据请求不完整！');
		}else{
			if(intval($_POST['parentid']) < 1){
				$param['parentid'] = 0;
				$param['dpath'] = 0;
			}else{
				$reply = $this->_get_reply(intval($_POST['parentid']));
				if(empty($reply)){
					$data = array('status'=>404, 'message'=>'提交非法的数据请求！');
					$this->ajax_out($this->jsonencode($data));
				}
				while($reply['dpath']){
					$reply = $this->_get_reply(intval($reply['parentid']));
				}

				$param['parentid'] = intval($reply['pid']);
				$param['dpath'] = 1 ;
			}
			$param['uid'] = $_SGLOBAL['member']['uid'];
			$param['username'] = $_SGLOBAL['member']['username'];
			$param['dateline'] = $_SERVER['REQUEST_TIME'];
			$pid = inserttable('app_action_reply', $param, true);
			if($param['parentid'] == 0) updatetable('app_action_reply', array('parentid'=>$pid), array('pid'=>$pid));

			if($data['privite'] != 2){
				include_once(S_ROOT.'./action/class.news.php');
				$feed = array(
					'subject'=>"<a href='action.php?ac=show&id={$event['id']}'>{$event['subject']}</a>",
				);
				feeds::add($feed, 4);
			}


			$data = array('status'=>200, 'message'=>"评论发表成功！<script type='text/javascript'>window.location.href='action.php?ac=show&id={$param['id']}';</script>");
		}
		$this->ajax_out($this->jsonencode($data));
	}

	function op_reply_delete()
	{
		if(empty($_POST['myFormAc'])) exit();
		$pid = intval($_GET['pid']);
		$reply = $this->_get_reply($pid);
		if(empty($reply)){
			$data = array('status'=>404, 'message'=>'请求的数据不存在了！');
		}else{
			if($this->uid == $reply['uid'] || $this->uid == $this->_check_event($reply['id']) || $this->uid == ADMIN_UID){
				if($reply['dpath']){
					$this->query_exec("delete from ".tname("app_action_reply")." where pid = '{$pid}' ");
					$data = array('status'=>200, 'message'=> array($pid));
				}else{
					$temp = $this->query_all("select pid from ".tname("app_action_reply")." where parentid = '{$pid}' ");
					$this->query_exec("delete from ".tname("app_action_reply")." where parentid = '{$pid}' ");
					$pids = array();
					foreach($temp as $v){
						$pids[] = $v['pid'];
					}
					$data = array('status'=>200, 'message'=> $pids);
				}
			}else{
				$data = array('status'=>404, 'message'=> '你没有权限删除评论');
			}
		}
		$this->ajax_out($this->jsonencode($data));
	}

	function _get_reply($pid)
	{
		return $this->query_one("select * from ".tname("app_action_reply")." where pid = '{$pid}' ");
	}

	function _check_event($id)
	{
		$temp = $this->query_one("select uid from ".tname("app_action")." where id = '{$id}' ");
		return empty($temp) ? false : $temp['uid'];
	}

	function op_invite()
	{
		global $_SGLOBAL, $_SN;
		$id = intval($_GET['id']);
		require_once('class.show.php');						
		$show = new show;
		$data = $show->get_data($id, false);
		if(empty($data)){
			$data =  array('status'=>404, 'message'=> '该活动不存在');
			$this->ajax_out($this->jsonencode($data));
		}
		if($data['privite'] == 2 && $data['uid'] != $this->uid){
			$data =  array('status'=>404, 'message'=> '这是一个秘密的活动，只有活动的发起者才能邀请');
			$this->ajax_out($this->jsonencode($data));
		}
		if($_POST['myFormAc'] == 'update'){
			include_once(S_ROOT.'./source/function_cp.php');
			realname_get();
			$friend = explode(',', $_POST['friend']);
			foreach($friend as $uid){
				if(1 > ($uid = intval($uid))) continue;
				if($data['privite'] == 2 && $data['uid'] == $this->uid){
					$temp = $this->query_one("select hash from ".tname("app_action_invite")." where id = '{$data['id']}' and uid = {$uid} ");
					if(empty($temp)){
						$hash = $this->random(9);
						$this->query_exec("replace into ".tname("app_action_invite")." (id, uid, hash) values ('{$data['id']}','{$uid}','{$hash}') ");
					}else{
						$hash = $temp['hash'];
					}
					$link = "action.php?ac=show&id={$data['id']}&hash={$hash}";
				}else{
					$link = "action.php?ac=show&id={$data['id']}";
				}
				$note = "<font color=green>活动信息</font>：<a href='space.php?uid={$this->uid}'>{$_SN[$this->uid]}</a>邀请你参加活动《<a href=\"{$link}\">{$data['subject']}</a>》";
				notification_add($uid, 'event', $note);
			}
			$data =  array('status'=>200, 'message'=> '邀请发送成功');
			$this->ajax_out($this->jsonencode($data));
		}else{
			$friends = $_SGLOBAL['member']['friends'];
			$users = array();
			if(is_array($friends) && count($friends) > 0){
				$uids = implode(',', $friends);
				$temp = $this->query_all("select uid, username from ".tname("space")." where uid IN ($uids)  ");
				foreach($temp as $val){
					$users[] = array(
						'name'=> $val['username'],
						'uid' => $val['uid']
					);
					realname_set($val['uid'], $val['username']);
				}
				realname_get();
			}
			$op = 'invite';
			include_once( template( "action/view/ajax" ) );
			$this->get_content();
		}
	}

	function op_upload()
	{
		$id = intval($_GET['id']);
		$op = 'upload';
		require_once('class.show.php'); 
		$show = new show;
		$purview = $show->check_user($id);
		$data = $show->get_data($id, false);
		if(empty($data)){
			$data = array('status'=>404, 'message'=>'出错了，该活动不存在了');
			$this->ajax_out($this->jsonencode($data));
		}else{
			if($_SERVER['REQUEST_TIME'] < $data['end_time'] && $this->uid != $data['uid']){
				$data = array('status'=>404, 'message'=>'活动还没有结束，因此只有活动发起者才能上传');
				$this->ajax_out($this->jsonencode($data));
			}
			include_once( template( "action/view/ajax" ) );
			$this->get_content();
		}
	}

	function get_content()
	{
		$m = ob_get_contents();
		ob_clean();
		header('Content-type: text/xml; charset='.$this->charset);
		$this->ajax_out($m);
	}

	function check_time($start_time)
	{
		if($_SERVER['REQUEST_TIME'] > $start_time){
			$data = array('status'=>404, 'message'=>'只能在活动开始前进行操作！');
			$this->ajax_out($this->jsonencode($data));
		}
	}

	function update_num($id)
	{
		$join = $this->query_one("select count(*) as num from ".tname("app_action_join"). " where id = '{$id}' and type = 'join' and is_pass = 1");
		$interest = $this->query_one("select count(*) as num from ".tname("app_action_join"). " where id = '{$id}' and type = 'interest'");
		updatetable('app_action', array('join_num'=>$join['num'], 'interest_num'=>$interest['num']), array('id'=>$id));
	}

	function get_user_event_status($id, $uid)
	{
		return $this->query_one("select type, is_pass, status from ".tname("app_action_join"). " where id = '{$id}' and uid = '{$uid}'");
	}

	function check_event($id)
	{
		$temp = $this->query_one("select id, uid, username, person_num, end_time, collect_type, privite, join_num, interest_num, start_time, end_time, subject from ".tname("app_action"). " where id = '{$id}' ");
		return empty($temp) ? false : $temp;
	}

	function error()
	{
		$error = array('status'=>404, 'message'=>'提交了非法的数据请求');
		$this->ajax_out($this->jsonencode($error));
	}

	function jsonencode(&$data){
		if (is_null($data)) return 'null';
		if ($data === false) return 'false';
		if ($data === true) return 'true';
		if (is_scalar($data)){
		  if (is_float($data)) return floatval(str_replace(",", ".", strval($data)));
		  if (is_string($data)){
			static $jsonReplaces = array(array("\\", "/", "\n", "\t", "\r", "\b", "\f", '"'), array('\\\\', '\\/', '\\n', '\\t', '\\r', '\\b', '\\f', '\"'));
			return '"' . str_replace($jsonReplaces[0], $jsonReplaces[1], $data) . '"';
		  }else return $data;
		}
		$isList = true;
		$num = count($data);
		for ($i = 0, reset($data); $i < $num; $i++, next($data)){
		  if (key($data) !== $i){
			$isList = false;
			break;
		  }
		}
		$result = array();
		if ($isList){
		  foreach ($data as $v) $result[] = $this->jsonencode($v);
		  return '[' . join(',', $result) . ']';
		}else{
		  foreach ($data as $k => $v) $result[] = $this->jsonencode($k).':'.$this->jsonencode($v);
		  return '{' . join(',', $result) . '}';
		}
	}

	function ajax_out($msg)
	{
		die('<?xml version="1.0" encoding="'.$this->charset.'"?><root><![CDATA['.trim($msg).']]></root>');
	}

	function ajax_get($name)
	{
		return htmlspecialchars(preg_replace("/<.*?>/", '', siconv(urldecode($_POST[$name]), $this->charset, 'utf-8')));
	}
}
?>